{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for librelp is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol.\n\nSecurity Fix(es):\n\n* librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1707",
        "url": "https://access.redhat.com/errata/RHSA-2018:1707"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "1560084",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560084"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1707.json"
      }
    ],
    "title": "Red Hat Security Advisory: librelp security update",
    "tracking": {
      "current_release_date": "2026-06-25T10:51:52+00:00",
      "generator": {
        "date": "2026-06-25T10:51:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.1.0"
        }
      },
      "id": "RHSA-2018:1707",
      "initial_release_date": "2018-05-23T16:00:37+00:00",
      "revision_history": [
        {
          "date": "2018-05-23T16:00:37+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-23T16:00:37+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-25T10:51:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
                  "product_id": "7ComputeNode-7.3.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:7.3::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
                  "product_id": "7ComputeNode-optional-7.3.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:7.3::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
                  "product_id": "7Server-7.3.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
                  "product_id": "7Server-optional-7.3.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.x86_64",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.x86_64",
                  "product_id": "librelp-0:1.2.0-4.el7_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.x86_64",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.x86_64",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.i686",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.i686",
                  "product_id": "librelp-0:1.2.0-4.el7_3.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.i686",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.i686",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.src",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.src",
                  "product_id": "librelp-0:1.2.0-4.el7_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.ppc",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.ppc",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.ppc",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.ppc",
                  "product_id": "librelp-0:1.2.0-4.el7_3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.ppc64",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.ppc64",
                  "product_id": "librelp-0:1.2.0-4.el7_3.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64le",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64le",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.ppc64le",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.ppc64le",
                  "product_id": "librelp-0:1.2.0-4.el7_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.s390",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.s390",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.s390",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.s390",
                  "product_id": "librelp-0:1.2.0-4.el7_3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "librelp-devel-0:1.2.0-4.el7_3.s390x",
                "product": {
                  "name": "librelp-devel-0:1.2.0-4.el7_3.s390x",
                  "product_id": "librelp-devel-0:1.2.0-4.el7_3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-devel@1.2.0-4.el7_3?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
                "product": {
                  "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
                  "product_id": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp-debuginfo@1.2.0-4.el7_3?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "librelp-0:1.2.0-4.el7_3.s390x",
                "product": {
                  "name": "librelp-0:1.2.0-4.el7_3.s390x",
                  "product_id": "librelp-0:1.2.0-4.el7_3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/librelp@1.2.0-4.el7_3?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
          "product_id": "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7ComputeNode-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
          "product_id": "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.src"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
          "product_id": "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7ComputeNode-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
          "product_id": "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7ComputeNode-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.3)",
          "product_id": "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7ComputeNode-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
          "product_id": "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
          "product_id": "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
          "product_id": "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
          "product_id": "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.ppc",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.ppc64",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64le"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.ppc64le",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.s390",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390x"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.s390x",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.src"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.src",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.s390",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
          "product_id": "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7Server-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.s390",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.i686",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.ppc as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.ppc",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.ppc64",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64le"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.s390 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.s390",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390x"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.s390x",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "librelp-devel-0:1.2.0-4.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
          "product_id": "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
        },
        "product_reference": "librelp-devel-0:1.2.0-4.el7_3.x86_64",
        "relates_to_product_reference": "7Server-optional-7.3.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Rainer Gerhards"
          ],
          "organization": "rsyslog"
        },
        {
          "names": [
            "Bas van Schaik",
            "Kevin Backhouse"
          ],
          "organization": "lgtm.com / Semmle",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-1000140",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2018-03-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1560084"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
          "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
          "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
          "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
          "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
          "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
          "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
          "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
          "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64le",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390x",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
          "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
          "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
          "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64le",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390x",
          "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1000140"
        },
        {
          "category": "external",
          "summary": "RHBZ#1560084",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560084"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000140",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000140"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000140",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000140"
        },
        {
          "category": "external",
          "summary": "https://www.rsyslog.com/cve-2018-1000140/",
          "url": "https://www.rsyslog.com/cve-2018-1000140/"
        }
      ],
      "release_date": "2018-03-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-23T16:00:37+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1707"
        },
        {
          "category": "workaround",
          "details": "Users are strongly advised not to expose their logging RELP services to a public network.",
          "product_ids": [
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7ComputeNode-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7ComputeNode-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.src",
            "7Server-7.3.EUS:librelp-0:1.2.0-4.el7_3.x86_64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-debuginfo-0:1.2.0-4.el7_3.x86_64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.i686",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.ppc64le",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.s390x",
            "7Server-optional-7.3.EUS:librelp-devel-0:1.2.0-4.el7_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c"
    }
  ]
}